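<?php include('includes/connection_settings.php');

// Answer checker for the word-pair quiz: finds the expected word for the
// requested row, compares it with the submitted answer, moves the user's
// points up or down (kept between 0 and 5) and prints "true" or a correction.
//
// NOTE(review): the user is identified only by the client-supplied "username"
// cookie, which any client can set to any value. Identity should come from
// server-side session state established at login - TODO confirm how the login
// page issues this cookie.
//
// The legacy mysql_* API used here has no prepared statements, so every value
// that reaches SQL below is either checked against an allow-list, cast to int,
// or passed through mysql_real_escape_string(). Moving to PDO or mysqli with
// bound parameters would need changes in includes/connection_settings.php,
// which is not visible from this file.

if (!isset($_COOKIE['username'])) {
    echo("Log in first!");
    exit;
}

//
// VALIDATES THE REQUEST
//
// The username becomes part of column names (`<username>` in choices,
// `points_<username>` in words). Identifiers cannot be escaped like string
// values, so only an allow-listed character set is accepted.
// NOTE(review): assumes usernames consist of ASCII letters, digits and
// underscore - widen the pattern if the schema uses other characters.
$username = $_COOKIE['username'];
if (!is_string($username) || !preg_match('/\A[A-Za-z0-9_]+\z/', $username)) {
    echo "<p>Invalid request.</p>";
    exit;
}
$choiceColumn = "`{$username}`";
$pointsColumn = "`points_{$username}`";

// Both numeric parameters must be plain non-negative integers; they were
// previously interpolated unquoted, where stripping quote marks gave no
// protection at all.
$minimumPointsRaw = isset($_GET['minimumPoints']) ? $_GET['minimumPoints'] : null;
$wordPairRaw = isset($_GET['numberOfWordPair']) ? $_GET['numberOfWordPair'] : null;
if (!is_string($minimumPointsRaw) || !ctype_digit($minimumPointsRaw)
    || !is_string($wordPairRaw) || !ctype_digit($wordPairRaw)) {
    echo "<p>Invalid request.</p>";
    exit;
}
$minimumPoints = (int) $minimumPointsRaw;
$numberOfWordPair = (int) $wordPairRaw;

// The submitted answer. The quote and "<" stripping is kept only so the
// comparison behaves as before; it is not what protects the SQL or the HTML
// output (escaping at the point of use does that).
$bannedMarks = array("\"", "'", "<");
$enteredWord = "";
if (isset($_GET['theForeign']) && is_string($_GET['theForeign'])) {
    $enteredWord = str_replace($bannedMarks, "", $_GET['theForeign']);
}

// The column holding the expected answer is chosen from two fixed names, so
// the request value itself never reaches the SQL text.
$startingLanguage = isset($_GET['startingLanguage']) ? $_GET['startingLanguage'] : "";
$answerColumn = ($startingLanguage === "theForeign") ? "local" : "theForeign";


//
// PICKS USERS DICTIONARYS AND MAKES END PART OF QUERY
//
$table = mysql_query("SELECT dictionary FROM choices WHERE {$choiceColumn} = true");
// mysql_query() returns false on failure; isset() on that result is always
// true, so the failure has to be tested explicitly.
if ($table === false) {
    // Details go to the server log rather than the response: SQL error text
    // shown to the client exposes schema details.
    error_log("word check: dictionary lookup failed: " . mysql_error($connection));
    echo "<h1>Can't choose data from the table!</h1>";
    exit;
}

$dictionaryNames = array();
while (($row = mysql_fetch_row($table)) !== false) {
    $dictionaryNames[] = (string) $row[0];
}

if (count($dictionaryNames) === 0 || $dictionaryNames[0] === "") {
    echo "<p>No dictionaries selected! Please, <a href='dictionarySwichForm.php'>choose your dictionaries</a></p></form>";
    exit;
}

// Dictionary names come from the database but are still data: escape them
// before they are placed inside quotes.
$quotedDictionaries = array();
foreach ($dictionaryNames as $dictionaryName) {
    $quotedDictionaries[] = "'" . mysql_real_escape_string($dictionaryName) . "'";
}
// Same rows as the former "points = N AND dictionary = 'a' OR points = N AND
// dictionary = 'b' ..." chain.
$dictionaryFilter = "dictionary IN (" . implode(", ", $quotedDictionaries) . ")";
/////


//
// RETURNS THE RIGHT FOREIGN WORD AND ITS POINTS
//
//The right word
// NOTE(review): there is no ORDER BY, so the row index presumably relies on
// the rows coming back in the same order as on the page that showed the
// pair - confirm against that page's query.
$command = "SELECT * FROM words WHERE {$pointsColumn} = {$minimumPoints} AND {$dictionaryFilter}";
$table = mysql_query($command);
if ($table === false) {
    error_log("word check: word lookup failed: " . mysql_error($connection));
    echo "<h1>Can't choose data from the table!</h1>";
    exit;
}
// Reject a row index outside the result set instead of letting
// mysql_result() fail with a warning.
if ($numberOfWordPair >= mysql_num_rows($table)) {
    echo "<p>Invalid request.</p>";
    exit;
}
$rightForeign = (string) mysql_result($table, $numberOfWordPair, $answerColumn);
// Escaped once, reused by the SELECT and both UPDATE statements below.
$rightForeignSql = mysql_real_escape_string($rightForeign);

//Its points
$command = "SELECT {$pointsColumn} FROM words WHERE {$answerColumn} = '{$rightForeignSql}'";
$table = mysql_query($command);
if ($table === false) {
    error_log("word check: points lookup failed: " . mysql_error($connection));
    echo "<h1>Can't create a new table!</h1>";
    exit;
}
$points = (mysql_num_rows($table) > 0) ? (int) mysql_result($table, 0, 0) : 0;
/////


//
// CHECKS IF THE ENTERED WORD IS RIGHT OR WRONG AND MAKES THE RIGHT OPERATIONS
//
//Right
// Strict comparison: with == two numeric-looking strings such as "1.0" and
// "1" would count as the same word.
if ($enteredWord === $rightForeign) {
    //Adds a point if not 5 already
    if ($points < 5) {
        $command = "UPDATE words SET {$pointsColumn} = {$pointsColumn} + 1 WHERE {$answerColumn} = '{$rightForeignSql}'";
        if (!mysql_query($command)) {
            error_log("word check: points update failed: " . mysql_error($connection));
            echo "<h1>Can't update data to the table!</h1>";
            exit;
        }
    }
    echo "true";
}

//Wrong
else {
    //Subtracts a point if not already zero
    if ($points > 0) {
        $command = "UPDATE words SET {$pointsColumn} = {$pointsColumn} - 1 WHERE {$answerColumn} = '{$rightForeignSql}'";
        if (!mysql_query($command)) {
            error_log("word check: points update failed: " . mysql_error($connection));
            echo "<h1>Can't update data to the table!</h1>";
            exit;
        }
    }

    // Both values are escaped for the HTML context. The encoding argument is
    // left to PHP's default because the page charset is not visible here.
    $shownRight = htmlspecialchars($rightForeign, ENT_QUOTES);
    $shownEntered = htmlspecialchars($enteredWord, ENT_QUOTES);
    echo "<p>No, the right word would have been <b>{$shownRight}</b>, not <b>{$shownEntered}</b></p>";
}
/////

?>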
